Analysis

Mark GregoryTechnology correspondent, BBC News

North Korea is the obvious suspect but proving that Pyongyang was behind these latest attacks on computer systems at South Korean banks and broadcasters, if it was, is expected to take weeks or even months of painstaking research.

Security experts say an early line of inquiry will be attempting to identify the server or severs used to mount the attacks. North Korea has been accused of several previous rounds of hacker attacks on its neighbour to the South.

But there is plenty of free software easily available on the internet that would-be hackers can download and use without advanced skills.

That kind of software won't penetrate highly secure systems. But the latest targets in South Korea - certainly the broadcasters - probably weren't well defended.

It is seen as likely the hackers deliberately picked relatively easy targets that gained them a lot of publicity but caused little long-term damage.

North Korea has been blamed for several breaches over the past few years, she says.

Initially, South Korea's Communications Commission suspected a cyber-attack. However, the BBC was later told that experts had concluded it was not a denial-of-service attack, of the kind South Korea has experienced in the past.

'Skulls' on screens

Staff at the three broadcasters said their computers crashed and could not be restarted, with screens simply displaying an error message, although they have continued to make television broadcasts, our correspondent said.

There were also reports of skulls popping up on some computer screens, which could indicate that hackers had installed malicious code in the networks, the Korean Internet Security Agency said.

Some services at Shinhan bank, including internet banking and ATM machines, were also affected, although operations now appear to have been restored.

In the immediate aftermath of the incident, South Korean internet service provider LG Uplus said it believed its network had been hacked, Reuters news agency reported.

An official from the presidential office told Yonhap news agency it was not yet known whether North Korea was involved.

"We do not rule out the possibility of North Korea being involved, but it's premature to say so," Defence Ministry spokesman Kim Min-seok said.

Hackers can cover their tracks by launching their attacks indirectly by hijacking other people's computer systems, says the BBC's technology correspondent Mark Gregory.

Tracing an attack to its original source can be complex in the extreme, he adds.

Services at two banks were hit by the incident, which began at around 14:00 local time

However, in some highly sophisticated attacks, hackers' precise methods have provided clues to their identity.

Slight variations in method have acted as a kind of digital signature, to help investigators trace who they are, our correspondent says.

Surveillance upgrade

No government-related computer networks were affected, an official from the National Computing and Information Agency (NCIA) told Yonhap.

The military has upgraded its information surveillance status by one level, Yonhap said.

North Korea is believed to have been behind two major cyber attacks on the South, in 2009 and 2011, that targeted government agencies and financial firms.

Nonghyup bank was one of the victims of the 2011 attack, which left its customers unable to access or transfer their cash for three days.

North Korea has stepped up rhetoric in recent days in response to fresh UN sanctions over its nuclear test in February and joint annual military drills between the US and South Korea, which it bitterly opposes.

On 15 March, North Korea's KCNA news agency accused the US and its allies of "intensive and persistent" hacking attacks on its networks.

Official sites such as KCNA, Air Koryo and Rodong Sinmun, the party newspaper, were reportedly inaccessible for short periods.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.